preals.pl

.pl crawl

First seen 2026-05-31 · Last seen 2026-06-01 · ok HTTP/1.1 200 669 ms crawled 2026-06-01

PL · 83.3.40.181 · AS5617 Orange Polska Spolka Akcyjna

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Agencja PR | PREALS
Description: Agencja PR PReal's. Profesjonalna komunikacja. Budujemy trwały wizerunek Klientów. Oferujemy profesjonalne usługi doradztwa, budowania, ochrony i utrwalania wizerunku.
Language: pl

Technology

Server: Apache
PHP: 8.2.31 security-only
jQuery: 3.3.1 known XSS (<3.5)
Stack: PHP

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×4
www.google.com×1
www.googletagmanager.com×1

Contact

Phone

DNS records live

NS

ns1.nazwa.pl
ns2.nazwa.pl
ns3.nazwa.pl

MX

0 preals-pl.mail.protection.outlook.com

TXT

Rp3-e5K-1An

Verified for

Google

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1;p=none;sp=none;pct=100;rua=mailto:bok@preals.pl;ruf=mailto:bok@preals.pl;ri=86400;aspf=r;adkim=r;fo=0:1:d:s

policy: none (monitoring only) · sp=none

DKIM

s1: v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzLtaf08Gk8sAEqNBglsrst/ioAanNxgIkpmToDbt3FfWUxNCZD9jPYvOjQMjrDLrj3wNiXfe8GHz7X+mvfJbL9z…

selectors probed

Certificate (current)

YE1

from 2026-06-01 to 2026-08-30

Expires in 89 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://preals.pl/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self' 'unsafe-inline' https://www.google.com https://sandbox-easy-geowidget.easypack24.net https://*.google-analytics.com https://*.inpost.pl https://*.googleapis.com http://83.3.40.181:9999 http://83.3.40.181:8888 https://apps.dostepnemiejsce.pl https://dev.dostepnemiejsce.pl https://test.dostepnemiejsce.pl https://dostepnemiejsce.pl blob: https://cke4.ckeditor.com https://cdnjs.cloudflare.com https://api-cdn6.callpage.io https://cdn-widget.callpage.io https://region1.analytics.google.com https://api.callpage.io https://stats.g.doubleclick.net https://geoipapi.callpage.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://cdn.jsdelivr.net https://sandbox-easy-geowidget-sdk.easypack24.net https://*.inpost.pl https://use.fontawesome.com https://*.jquery.com https://unpkg.com https://*.googleapis.com https://cdn-widget.callpage.io; font-src https://use.fontawesome.com https://fonts.gstatic.com https://*.preals.pl https://preals.p

Links to (13)

Linked from (1)

semeco.waw.pl×1